diff --git a/app/Http/Controllers/SearchController.php b/app/Http/Controllers/SearchController.php
index ebe55a8a..460018d6 100755
--- a/app/Http/Controllers/SearchController.php
+++ b/app/Http/Controllers/SearchController.php
@@ -58,10 +58,24 @@ public function request($type = null, $query = null, $page = 1) { $antiXss = new \voku\helper\AntiXSS(); + $this->type = $type; - $this->query = urlencode($antiXss->xss_clean($query)); + + if (!is_null($query)) { + $this->query = $antiXss->xss_clean($query); + } else { + if (isset($_GET['q']) && !empty($_GET['q'])) { + $this->query = $antiXss->xss_clean($_GET['q']); + } + } + $this->page = $page; + if (isset($_GET['page'])) { + $this->page = (int) $_GET['page']; + if ($this->page < 1) { $this->page = 1; } + } + $jikan = new \Jikan\Jikan; if ($type == 'anime' || $type == 'manga') {
@@ -87,7 +101,7 @@ public function request($type = null, $query = null, $page = 1) { if (app('redis')->exists($this->hash)) { $this->response['request_cached'] = true; return response()->json( - $this->response + json_decode(app('redis')->get($this->hash), true) + $this->response + json_decode(app('redis')->get($this->hash), true), 200, [], JSON_UNESCAPED_UNICODE ); }
@@ -172,7 +186,7 @@ public function request($type = null, $query = null, $page = 1) { } return response()->json( - $this->response + $jikan->response + $this->response + $jikan->response, 200, [], JSON_UNESCAPED_UNICODE // fix utf8 issues ); }
diff --git a/app/Http/Middleware/Blacklist.php b/app/Http/Middleware/Blacklist.php
new file mode 100644
index 00000000..0ed9e438
--- /dev/null
+++ b/app/Http/Middleware/Blacklist.php
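Review bot: In the first hunk of `SearchController::request()` the new `$_GET['q']` fallback accepts whatever PHP parsed from the query string, so a request carrying `q[]=...` passes `!empty()` and hands an array to `xss_clean()` (which, as far as I know, cleans arrays element by element and returns an array), leaving `$this->query` as an array for the code further down; `empty()` also treats the string `'0'` as missing. A type check such as `if (isset($_GET['q']) && is_string($_GET['q']) && $_GET['q'] !== '') {` keeps the value a string. When neither the path segment nor `q` is supplied, `$this->query` is never assigned in this hunk, so the rest of the method (outside the hunk) should reject the request explicitly, for example with a 400 response. The commit also drops `urlencode()`; if the query is later placed into the upstream request URL without encoding, which is not visible here, characters such as `&` or `#` would alter that request, so it is worth confirming that the Jikan call encodes it.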
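Review bot: In the cached branch of `SearchController::request()` (second hunk) the key is tested with `exists()` and then read with a separate `get()`; if the entry expires between the two calls, `json_decode()` yields `null` and `$this->response + null` raises a fatal error instead of falling through to a fresh fetch. Reading once and testing the decoded value avoids this: `$cached = json_decode((string) app('redis')->get($this->hash), true);` followed by `if (is_array($cached)) {` around the cached return. The `JSON_UNESCAPED_UNICODE` argument added here does not affect this, and the rest of the method lies outside the hunk.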
@@ -0,0 +1,39 @@
+loadList();
+
+ if ($this->inList()) {
+ return response()->json([
+ 'error' => 'This IP has been blacklisted'
+ ]);
+ }
+
+ return $next($request);
+ }
+
+ private function loadList() {
+ if (!file_exists(BLACKLIST_PATH)) {
+ file_put_contents(BLACKLIST_PATH, json_encode([]));
+ }
+
+ $this->blacklist = json_decode(file_get_contents(BLACKLIST_PATH), true);
+ }
+
+ private function inList() {
+ $ip = $_SERVER['REMOTE_ADDR'];
+ return in_array($ip, $this->blacklist) ? true : false;
+ }
+
+}
diff --git a/app/Http/Middleware/Throttle.php b/app/Http/Middleware/Throttle.php
index 8cbc0719..d431b770 100755
--- a/app/Http/Middleware/Throttle.php
+++ b/app/Http/Middleware/Throttle.php
@@ -48,7 +48,6 @@ public function hit() { $this->ip = $_SERVER['REMOTE_ADDR']; $date = date("d-m-Y"); - if (!isset($this->sessions[$this->ip])) { // register the session $this->sessions[$this->ip] = [ $date => 0
diff --git a/bootstrap/app.php b/bootstrap/app.php
index 071ff405..7ce26eb4 100755
--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@@ -12,6 +12,7 @@ Defines */ define('SESSION_STORAGE_PATH', '/var/www/api.jikan/storage/app/sessions.json'); // depreciated. Using Redis now +define('BLACKLIST_PATH', '/var/www/api.jikan/storage/app/blacklist.json'); define('RATE_LIMIT', 5000); // per day define('CACHE_EXPIRE', 3600 * 24 * 3); // 3 days define('CACHE_EXPIRE_SEARCH', 3600 * 6); // 6 hours
@@ -19,7 +20,7 @@ //define('CACHE_EXPIRE_SEARCH', 4); // 60 seconds | dev define('REST_VERSION', '2.2'); -define('SOURCE_VERSION', '1.15.9'); +define('SOURCE_VERSION', '1.15.12'); /* |--------------------------------------------------------------------------
@@ -80,6 +81,7 @@ // ]); $app->routeMiddleware([ + 'blacklist' => App\Http\Middleware\Blacklist::class, 'meta' => App\Http\Middleware\Meta::class, 'throttle' => App\Http\Middleware\Throttle::class ]);
diff --git a/composer.lock b/composer.lock
index 22692b4a..66530ec0 100755
--- a/composer.lock
+++ b/composer.lock
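Review bot: In the new `Blacklist` middleware, `loadList()` stores the result of `json_decode(file_get_contents(BLACKLIST_PATH), true)` without checking it, so an empty, truncated or unreadable file leaves `$this->blacklist` as `null` and `inList()` then calls `in_array()` on a non-array; depending on the PHP version that is either a warning with no address ever matching (the block list silently stops working) or a TypeError on every request. Decode into a local and keep it only when it is an array, e.g. `$this->blacklist = is_array($list) ? $list : [];`, and log the bad-file case so it is noticed. The block response is sent with the default 200 status; closing the call with `], 403);` lets clients and logs tell a block from a normal reply. `return in_array($ip, $this->blacklist, true);` avoids loose comparison against non-string entries and makes the `? true : false` unnecessary. If the API sits behind a reverse proxy, `REMOTE_ADDR` may be the proxy's address rather than the client's, which is worth confirming for this deployment; the start of the class and of `handle()` is not visible on this page.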
@@ -1654,12 +1654,12 @@ "source": { "type": "git", "url": "https://github.com/jikan-me/jikan.git", - "reference": "71dd593d6215c84567bf3c0e9d9178af9cb7cea7" + "reference": "dd5264fa12962b2964f5faf44dd6713ae6693d85" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/jikan-me/jikan/zipball/71dd593d6215c84567bf3c0e9d9178af9cb7cea7", - "reference": "71dd593d6215c84567bf3c0e9d9178af9cb7cea7", + "url": "https://api.github.com/repos/jikan-me/jikan/zipball/dd5264fa12962b2964f5faf44dd6713ae6693d85", + "reference": "dd5264fa12962b2964f5faf44dd6713ae6693d85", "shasum": "" }, "type": "library", @@ -1681,7 +1681,7 @@ } ], "description": "Jikan is an unofficial MyAnimeList API", - "time": "2018-05-13T22:11:56+00:00" + "time": "2018-05-25T01:01:55+00:00" }, { "name": "laravel/lumen-framework",
diff --git a/routes/web.php b/routes/web.php
index 1f521d22..4514ffbc 100755
--- a/routes/web.php
+++ b/routes/web.php
@@ -34,7 +34,7 @@ 'uses' => 'MetaLiteController@request' ]); -$router->group(['middleware' => ['meta', 'throttle']], function() use ($router) { +$router->group(['middleware' => ['blacklist', 'meta', 'throttle']], function() use ($router) { $router->get('anime[/{id:[0-9]+}[/{extend:[A-Za-z_]+}[/{extendArgs}]]]', [ 'uses' => 'AnimeController@request'
@@ -52,7 +52,7 @@ 'uses' => 'CharacterController@request' ]); - $router->get('search[/{type}/{query}[/{page:[0-9]+}]]', [ + $router->get('search[/{type}[/{query}[/{page:[0-9]+}]]]', [ 'uses' => 'SearchController@request' ]);
diff --git a/storage/app/.gitignore b/storage/app/.gitignore
index d6b7ef32..3f34ef0e 100755
--- a/storage/app/.gitignore
+++ b/storage/app/.gitignore
@@ -1,2 +1,4 @@ * !.gitignore +sessions.json +blacklist.json
\ No newline at end of file
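Review bot: In `routes/web.php` the `blacklist` middleware is attached only to this route group; the route ending in `'uses' => 'MetaLiteController@request'` just above the group is defined outside it, so a blocked address can still reach it and anything else registered outside the group. If the intent is to refuse blocked clients everywhere, register it as global middleware in `bootstrap/app.php` with `$app->middleware([App\Http\Middleware\Blacklist::class]);`; if the exemption is deliberate, a one-line comment above the group saying so would help. In the second hunk `{type}` and `{query}` carry no pattern, so validation of both rests entirely on the controller. The group closure continues past the hunk.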